qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC] Add NRF51 RNG peripheral

From: Daniel P . Berrangé
Subject: Re: [Qemu-devel] [RFC] Add NRF51 RNG peripheral
Date: Tue, 19 Jun 2018 14:11:02 +0100
User-agent: Mutt/1.9.5 (2018-04-13) 
On Tue, Jun 19, 2018 at 06:54:51AM -0400, Steffen Görtz wrote:
> Add a model of the NRF51 RNG peripheral.
> 
> Signed-off-by: Steffen Görtz <address@hidden>
> ---
>  hw/misc/Makefile.objs       |   1 +
>  hw/misc/nrf51_rng.c         | 241 ++++++++++++++++++++++++++++++++++++
>  include/hw/misc/nrf51_rng.h |  61 +++++++++
>  3 files changed, 303 insertions(+)
>  create mode 100644 hw/misc/nrf51_rng.c
>  create mode 100644 include/hw/misc/nrf51_rng.h
> 

> +static void nrf51_rng_timer_expire(void *opaque) {
> +    Nrf51RNGState *s = NRF51_RNG(opaque);
> +
> +    qcrypto_random_bytes(&s->value, 1, NULL);

Passing NULL for the error object and ignoring return value is a
security flaw, because you'll be reporting non-random data to the
guest on failure. If you don't want to handle failure, then best
thing todo is pass  &error_abort so that QEMU terminates if the
RNG fails

> +
> +    s->state.event_valrdy = 1;
> +    qemu_set_irq(s->eep_valrdy, 1);
> +
> +    if(s->state.interrupt_enabled) {
> +        qemu_irq_pulse(s->irq);
> +    }
> +
> +    if(s->state.shortcut_stop_on_valrdy) {
> +        s->state.active = 0;
> +    }
> +
> +    rng_update_timer(s);
> +}

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
reply via email to
[Prev in Thread] Current Thread [Next in Thread]